CompTIA SY0-701 Practice Test - Questions Answers, Page 35

The security team at a large global company needs to reduce the cost of storing data used for performing investigations. Which of the following types of data should have its retention length reduced?

A. Packet capture
B. Endpoint logs
C. OS security logs
D. Vulnerability scan

Suggested answer: A

Explanation:

Packet capture data can be very large and may not need to be stored for extended periods compared to other logs essential for security audits.

Which of the following is the primary purpose of a service that tracks log-ins and time spent using the service?

A. Availability
B. Accounting
C. Authentication
D. Authorization

Suggested answer: B

Explanation:

Accounting logs user activities such as log-ins and usage duration, which is part of the AAA framework (Authentication, Authorization, and Accounting).

Which of the following should be used to aggregate log data in order to create alerts and detect anomalous activity?

A. SIEM
B. WAF
C. Network taps
D. IDS

Suggested answer: A

Explanation:

A Security Information and Event Management (SIEM) solution collects, aggregates, and correlates logs from multiple sources to detect anomalies and generate alerts. SIEMs are essential for security monitoring and incident detection.

Which of the following is a type of vulnerability that refers to the unauthorized installation of applications on a device through means other than the official application store?

A. Cross-site scripting
B. Buffer overflow
C. Jailbreaking
D. Side loading

Suggested answer: D

Explanation:

Side loading refers to the process of installing applications on a device from outside the official app store, which can introduce security vulnerabilities by bypassing standard app validation processes.

Which of the following types of identification methods can be performed on a deployed application during runtime?

A. Dynamic analysis
B. Code review
C. Package monitoring
D. Bug bounty

Suggested answer: A

Explanation:

Dynamic analysis is performed on software during execution to identify vulnerabilities based on how the software behaves in real-world scenarios. It is useful in detecting security issues that only appear when the application is running.

Which of the following is the best way to provide secure remote access for employees while minimizing the exposure of a company's internal network?

A. VPN
B. LDAP
C. FTP
D. RADIUS

Suggested answer: A

Explanation:

A VPN (Virtual Private Network) is a secure method to provide employees with remote access to a company's network. It encrypts data, protecting it from interception and ensuring secure communication between the user and the internal network.

An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?

A. CSR
B. OCSP
C. Key
D. CRL

Suggested answer: A

Explanation:

A Certificate Signing Request (CSR) is a request sent to a certificate authority (CA) to issue an SSL certificate. The CSR contains information like the public key, which will be part of the certificate.

Which of the following strategies should an organization use to efficiently manage and analyze multiple types of logs?

A. Deploy a SIEM solution
B. Create custom scripts to aggregate and analyze logs
C. Implement EDR technology
D. Install a unified threat management appliance

Suggested answer: A

Explanation:

Deploying a Security Information and Event Management (SIEM) solution allows for efficient log aggregation, correlation, and analysis across an organization's infrastructure, providing real-time security insights.

A customer has a contract with a CSP and wants to identify which controls should be implemented in the IaaS enclave. Which of the following is most likely to contain this information?

A. Statement of work
B. Responsibility matrix
C. Service-level agreement
D. Master service agreement

Suggested answer: B

Explanation:

A responsibility matrix clarifies the division of responsibilities between the cloud service provider (CSP) and the customer, ensuring that each party understands and implements their respective security controls.

Which of the following is a type of vulnerability that involves inserting scripts into web-based applications in order to take control of the client's web browser?

A. SQL injection
B. Cross-site scripting
C. Zero-day exploit
D. On-path attack

Suggested answer: B

Explanation:

Cross-site scripting (XSS) vulnerabilities allow attackers to inject malicious scripts into a website, which are then executed in the user's web browser, potentially leading to data theft or session hijacking.



Total 350 questions